[NET-10290] Update ENVOY_VERSIONS (#21524)

* [NET-10290] Update ENVOY_VERSIONS

* Add changelog entry

* Link to CVE for more info in changelog entry

Co-authored-by: Deniz Onur Duzgun <59659739+dduzgun-security@users.noreply.github.com>

---------

Co-authored-by: Deniz Onur Duzgun <59659739+dduzgun-security@users.noreply.github.com>
This commit is contained in:
Nathan Coleman 2024-07-08 18:59:51 -04:00 committed by GitHub
parent dce6241869
commit 8d2370da76
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 6 additions and 3 deletions

3
.changelog/21524.txt Normal file
View File

@ -0,0 +1,3 @@
```release-note:security
Upgrade envoy module dependencies to version 1.27.7, 1.28.5 and 1.29.7 or higher to resolve [CVE-2024-39305](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39305)
```

View File

@ -8,7 +8,7 @@
# #
# See https://www.consul.io/docs/connect/proxies/envoy#supported-versions for more information on Consul's Envoy # See https://www.consul.io/docs/connect/proxies/envoy#supported-versions for more information on Consul's Envoy
# version support. # version support.
1.29.5 1.29.7
1.28.4 1.28.5
1.27.6 1.27.7
1.26.8 1.26.8